mirrors/llvm-project
0
0
Fork 0
mirror of https://github.com/llvm/llvm-project.git synced 2025-05-05 10:26:06 +00:00
Code Issues Projects Releases Wiki Activity
50,556 Commits 1,258 Branches 288 Tags
Commit Graph

49 Commits

Author SHA1 Message Date
Zhongxing Xu
9165ed69af Add support for AllocaRegion extent with GDM. 
One design problem that is emerging is the signed-ness problem during static
analysis. Many unsigned value have to be converted into signed value because
it partipates in operations with signed values. 

On the other hand, we cannot blindly make all values occuring in static analysis
signed, because we do have cases where unsignedness is required, for example,
integer overflow detection.

llvm-svn: 59957
 2008-11-24 09:44:56 +00:00
Zhongxing Xu
f556cd6cb9 Strings are NULL terminated. So the region size should plus one. 
llvm-svn: 59943
 2008-11-24 05:16:01 +00:00
Zhongxing Xu
8361d4c51b Add a comment about the signedness. 
llvm-svn: 59932
 2008-11-24 02:30:48 +00:00
Zhongxing Xu
a61731dd0d Add getSize() support for StringRegion. 
llvm-svn: 59930
 2008-11-24 02:18:56 +00:00
Zhongxing Xu
cdf25053ee Clean up code by using utility methods. 
llvm-svn: 59899
 2008-11-23 04:30:35 +00:00
Zhongxing Xu
4c8bf0086a Remove debug code. 
llvm-svn: 59870
 2008-11-22 13:23:00 +00:00
Zhongxing Xu
4d45b34a8a Initial support for checking out of bound memory access. Only support 
ConcreteInt index for now.

llvm-svn: 59869
 2008-11-22 13:21:46 +00:00
Zhongxing Xu
e5816f213d Add support for symbolicating global structs and arrays in RegionStoreManager::getInitialStore(). 
llvm-svn: 59619
 2008-11-19 11:06:24 +00:00
Ted Kremenek
c0145fd0bf Fix warning about RegionStoreManager::Retrieve() not always returning a value. 
llvm-svn: 59571
 2008-11-19 00:27:37 +00:00
Zhongxing Xu
f87a7abcd4 handle the case that the array element is of structure type when bind the whole array to a single value (for example, UnknownVal, UndefinedVal). 
llvm-svn: 59521
 2008-11-18 13:11:04 +00:00
Zhongxing Xu
99a96d6ef3 Enhance modularization: return a <state,loc> pair to let GRExprEngine modify the 
environment.

llvm-svn: 59407
 2008-11-16 07:06:26 +00:00
Zhongxing Xu
ceca80619f Enhances SCA to process untyped region to typed region conversion. 
- RegionView and RegionViewMap is introduced to assist back-mapping from
   super region to subregions.
 - GDM is used to carry RegionView information.
 - AnonTypedRegion is added to represent a typed region introduced by pointer
   casting. Later AnonTypedRegion can be used in other similar cases, e.g.,
   malloc()'ed region.
 - The specific conversion is delegated to store manager.

llvm-svn: 59382
 2008-11-16 04:07:26 +00:00
Zhongxing Xu
6a276cf5b7 Improve zero value generation. 
llvm-svn: 59356
 2008-11-15 05:18:50 +00:00
Zhongxing Xu
d4e72fca45 Process array base expression of any type. 
llvm-svn: 59240
 2008-11-13 09:48:44 +00:00
Zhongxing Xu
189a30796a Array index might be unsigned. We have to generate a temporary signed value for 
it to be evaluated by APSInt::operators.

llvm-svn: 59238
 2008-11-13 09:15:14 +00:00
Zhongxing Xu
29188c2948 Incomplete struct pointer can be used as a function argument. 
llvm-svn: 59235
 2008-11-13 08:41:36 +00:00
Ted Kremenek
cd639218e4 StoreManager::BindDecl now takes an SVal* for the initialization value instead of an Expr* (which can be null). Lazy symbolication of conjured symbols is now the sole responsibility of GRExprEngine. 
llvm-svn: 59151
 2008-11-12 19:18:35 +00:00
Zhongxing Xu
18d6fd45de Implement RegionStoreManager::RemoveDeadBindings(). This prunes several false warning caused by removal of symbolic constraints. Currently we just mark all symbols live. Further optimization for dead binding removal needed. 
llvm-svn: 58982
 2008-11-10 09:39:04 +00:00
Zhongxing Xu
2c677c34d5 Finish the implementation of VisitCompoundLiteralExpr. As VisitInitListExpr is 
available, things get much simplified.

One addition is that CompoundLiteralExpr can appear both in rvalue and lvalue
context.

llvm-svn: 58837
 2008-11-07 10:38:33 +00:00
Zhongxing Xu
e79a4e667b Make the assertion real. 
llvm-svn: 58833
 2008-11-07 08:57:30 +00:00
Zhongxing Xu
2e8e604704 1. When a pointer to struct is used as an argument, GRSimpleVals::EvalCall() 
sets the whole struct to Unknown. Then we cannot assume the V passed to
   BindStruct() is always a CompoundVal. When it is an UnknownVal, we call
   BindStructToVal(UnknownVal).

2. Change the signature of InitializeStructToUndefined() to BindStructToVal()
   to reuse the code.

llvm-svn: 58564
 2008-11-02 12:13:30 +00:00
Zhongxing Xu
73f006e800 Simplify interface. We can get canonical type from the base region directly. No need for an extra type argument. 
llvm-svn: 58507
 2008-10-31 11:02:48 +00:00
Zhongxing Xu
b393b5080c Implement struct initialization for SCA. 
llvm-svn: 58506
 2008-10-31 10:53:01 +00:00
Zhongxing Xu
98bb1fa69e Implement array initialization for SCA. 
llvm-svn: 58504
 2008-10-31 10:24:47 +00:00
Zhongxing Xu
ce71638c0d Implement BindStruct and fix a bug in RetriveStruct. 
llvm-svn: 58496
 2008-10-31 08:10:01 +00:00
Zhongxing Xu
6c0d588942 Implement load from struct region. Instead of returning an UnknownVal(), we create a CompoundVal by loading from each field of the struct. 
llvm-svn: 58494
 2008-10-31 07:16:08 +00:00
Zhongxing Xu
628ae879ea Rename: AddDecl => BindDecl 
BindDecl better describes what the function does:
  - Bind the VarDecl to its memory region
  - Bind the memory region to some initial value.

llvm-svn: 58359
 2008-10-29 02:34:02 +00:00
Ted Kremenek
bf26368255 Added preliminary support for CompoundLiterals in the static analyzer: 
- GRExprEngine::VisitCompoundLiteral...
   (1) visits the initializer list (generating ExplodedNodes)
   (2) creates a CompoundMemRegion for the literal
   (3) creates a new state with the bound literal values using
       GRStateManager::BindCompoundLiteral

- GRStateManager::BindCompoundLiteral simply calls 
  StoreManager::BindCompoundLiteral to get a new store and returns a persistent
  GRState with that store.

- BasicStore::BindCompoundLiteral simply returns the same store, as it
  doesn't handle field sensitivity
  
- RegionStore::BindCompoundLiteral currently fires an assert (pending discussion
  of how to best implement mappings for CompoundLiteralRegion).

llvm-svn: 58277
 2008-10-27 21:54:31 +00:00
Zhongxing Xu
144d7554c4 Use ASTContext::getCanonicalType() to get TypedRegion's type. 
llvm-svn: 58247
 2008-10-27 13:35:03 +00:00
Zhongxing Xu
36d4ade4be We cannot get precise lvalue for symbolic base array region. 
llvm-svn: 58243
 2008-10-27 12:23:17 +00:00
Zhongxing Xu
bb18b57f53 Get the canonical type for struct initialization. The original code would crash on TypedefType. 
llvm-svn: 58236
 2008-10-27 09:24:07 +00:00
Zhongxing Xu
60de6c6c63 Remove loc::StringLiteralVal. Now we allocate regions for string literals in the Store. 
llvm-svn: 58182
 2008-10-26 02:27:21 +00:00
Zhongxing Xu
bf47dc85fe Simplify ArrayToPointer conversion. Actually the only thing we need to do is to get the first element region. It is not necessary to care about the kind of the base array region. 
llvm-svn: 58181
 2008-10-26 02:23:57 +00:00
Zhongxing Xu
0d2706f6b8 Add code for get the lvalue for string literals. Now we return a StringRegion 
for StringLiteral lvalue evaluation, instead of directly returning a
loc::StringLiteralVal by the Environment.

llvm-svn: 58138
 2008-10-25 14:18:57 +00:00
Ted Kremenek
f3be44f191 Added method "getSelfRegion" to Store. This method returns the region associated with the "this" or "self" object (C++ and Objective-C respectively). 
llvm-svn: 58107
 2008-10-24 20:32:16 +00:00
Zhongxing Xu
e834fc1249 The Decl of an array region can be VarDecl or FieldDecl. Handle this in RegionStoreManager::ArrayToPointer(). 
llvm-svn: 58086
 2008-10-24 09:06:51 +00:00
Zhongxing Xu
729518be3a Implement struct initialization. Make it into a recursive function. Also make 
the array initialization code into a function.

llvm-svn: 58083
 2008-10-24 08:42:28 +00:00
Zhongxing Xu
1359e00f9c Add printing method to RegionStoreManager. 
llvm-svn: 58074
 2008-10-24 06:01:33 +00:00
Zhongxing Xu
c7796d347d Fix 80-col violation. 
llvm-svn: 58070
 2008-10-24 04:33:15 +00:00
Zhongxing Xu
cebb741f68 Add a bunch of dummy methods to make RegionStoreManager non-virtual. 
llvm-svn: 58061
 2008-10-24 01:38:55 +00:00
Zhongxing Xu
a8d2cbe47f Added getLValueElement() to RegionStore. Only handle constant array for now. 
llvm-svn: 58058
 2008-10-24 01:09:32 +00:00
Ted Kremenek
6779f893b9 Make the analyzer store (memory model) a command line option. 
llvm-svn: 58056
 2008-10-24 01:04:59 +00:00
Zhongxing Xu
2fbc35443d Add a bunch of getLValue* methods to RegionStore. 
llvm-svn: 57977
 2008-10-22 13:44:38 +00:00
Douglas Gregor
5251f1b283 Preliminary support for function overloading 
llvm-svn: 57909
 2008-10-21 16:13:35 +00:00
Zhongxing Xu
8f6855e642 Modify Store interface: GetSVal/SetSVal => Retrieve/Bind. 
llvm-svn: 57896
 2008-10-21 06:27:32 +00:00
Zhongxing Xu
83aff7079f Process decls in RegionStore. Individual elements of fixed size arrays are 
initialized to UndefinedVal.

llvm-svn: 57892
 2008-10-21 05:29:26 +00:00
Ted Kremenek
8b103c65c6 - constify some uses of MemRegion* (MemRegion should be immutable). 
- Added new region "SymbolicRegion", which maps symbol values to the region domain.
- Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion)
- Added some utility methods to GRState for fetch svals from the store.
- Fixed regression in CheckNSError (we weren't getting the value bound to the parameter)

llvm-svn: 57717
 2008-10-17 20:28:54 +00:00
Zhongxing Xu
27f174214d This patch did the following renaming. There should be no functional changes. 
RVal => SVal
LVal => Loc
NonLVal => NonLoc
lval => loc
nonlval => nonloc

llvm-svn: 57671
 2008-10-17 05:57:07 +00:00
Zhongxing Xu
d9959aee34 This is the first step to implement a field-sensitive store model. Other things are simplified: no heap shape assumption, no parameter alias assumption, etc. 
llvm-svn: 57285
 2008-10-08 02:50:44 +00:00